holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Restore loop detection in sectioned accounting rules

Browse Source
This commit is contained in:
Tom Eastep 2011-02-13 16:38:01 -08:00
parent dd81eedb42
commit e64070f9e1
1 changed files with 17 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
Shorewall/Perl/Shorewall/Accounting.pm
View File

@ -279,7 +279,6 @@ sub process_accounting_rule( ) {
if ( $jumpchainref ) { if ( $jumpchainref ) {
if ( $asection ) { if ( $asection ) {
fatal_error "Chain $chain jumps to itself" if $chainref eq $jumpchainref;
my $jumprestrict = $jumpchainref->{restriction} || $restriction; my $jumprestrict = $jumpchainref->{restriction} || $restriction;
fatal_error "Chain $jumpchainref->{name} contains rules that are incompatible with the $sectionname section" if $jumprestrict && $jumprestrict ne $restriction; fatal_error "Chain $jumpchainref->{name} contains rules that are incompatible with the $sectionname section" if $jumprestrict && $jumprestrict ne $restriction;
} }
@ -396,29 +395,29 @@ sub setup_accounting() {
for ( accounting_chainrefs ) { for ( accounting_chainrefs ) {
warning_message "Accounting chain $_->{name} has no references" unless keys %{$_->{references}}; warning_message "Accounting chain $_->{name} has no references" unless keys %{$_->{references}};
} }
}
if ( my $chainswithjumps = keys %accountingjumps ) { if ( my $chainswithjumps = keys %accountingjumps ) {
my $progress = 1; my $progress = 1;
while ( $chainswithjumps && $progress ) { while ( $chainswithjumps && $progress ) {
$progress = 0; $progress = 0;
for my $chain1 ( keys %accountingjumps ) { for my $chain1 ( keys %accountingjumps ) {
if ( keys %{$accountingjumps{$chain1}} ) { if ( keys %{$accountingjumps{$chain1}} ) {
for my $chain2 ( keys %{$accountingjumps{$chain1}} ) { for my $chain2 ( keys %{$accountingjumps{$chain1}} ) {
delete $accountingjumps{$chain1}{$chain2}, $progress = 1 unless $accountingjumps{$chain2}; delete $accountingjumps{$chain1}{$chain2}, $progress = 1 unless $accountingjumps{$chain2};
}
} else {
delete $accountingjumps{$chain1};
$chainswithjumps--;
$progress = 1;
} }
} else {
delete $accountingjumps{$chain1};
$chainswithjumps--;
$progress = 1;
} }
} }
}
if ( $chainswithjumps ) { if ( $chainswithjumps ) {
my @chainswithjumps = keys %accountingjumps; my @chainswithjumps = keys %accountingjumps;
fatal_error "Jump loop involving the following chains: @chainswithjumps"; fatal_error "Jump loop involving the following chains: @chainswithjumps";
}
} }
} }
} }